A new profile on Facebook? No, it's spam promoting the Toronto Drug Store

Filed Under: Facebook, Featured, Spam

If you receive an email, apparently from Facebook, telling you that you have a new kind of profile - don't rush to click on the link.

Emails have been spammed out with the subject line "You have a new profile", which at first glance might appear as though they really are from the world's largest social networking site.

Here's a typical example of just such an email:

Email claiming to come from Facebook

If you look closely, you'll notice that the spammers did a bad job of forging the "From:" address in that email, but if you hover your mouse over the links contained inside the email you'll see more evidence that something strange is going on.

Surprise surprise.. you're not really taken to Facebook if you click on the links.

Instead your browser is redirected via an intermediary site. When our labs tested the link they ended up seeing a familiar sight - our "old friends" running that most infamous Canadian Pharmacy, the Toronto Drug Store.

Canadian pharmacy website

No doubt whoever is behind this latest spam campaign is earning commission from traffic that they drive to the drugs website, in particular if that traffic then buys a wheelbarrow-load of Viagra and Cialis.

Spam is a nuisance, of course, but as we have explained before - things could have been a lot worse.

The link in the email could have resulted in your computer becoming infected by malware, or your browser being taken to a lookalike Facebook site designed to phish your password.

Take care folks.

, , , ,

You might like

One Response to A new profile on Facebook? No, it's spam promoting the Toronto Drug Store

  1. Freida Gray · 708 days ago

    It seems to me that the spam message is similar to what Facebook put out when they changed to the Timeline profiles.If someone is against the Timeline they may click the link thinking that Facebook has done something they rarely do___ change a change they made.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.